A flaw in Meta’s AI-powered support system reportedly exposed access to more than 34,000 Instagram accounts, showing how a weak verification layer can turn automation into a large-scale security problem.
The incident did not rely on stolen passwords, phishing, or malware. Instead, the attacker manipulated an AI chatbot tied to account recovery and used that path to alter the recovery email, reset passwords, and take over accounts.
How the takeover happened
According to The New York Times, as cited by Android Authority, the attacker tricked the chatbot into changing the recovery email on affected accounts. Once that email was switched, the attacker could reset the password and gain control.
That detail matters because the failure was not in the AI model acting independently. The weakness sat in the surrounding verification process, which was not strong enough to stop misuse during account recovery.
Meta has said the main issue lies in the verification mechanism around the recovery flow rather than in the AI model itself. In other words, the chatbot operated inside a support process that could be manipulated into completing actions it should not have allowed.
More than just account access
The impact went beyond simple lockouts. Around 20,000 accounts were reportedly compromised, and personal details such as email addresses, phone numbers, and dates of birth were exposed.
Other accounts were affected in different ways, including username changes and temporary loss of control over profiles. The scale of the incident shows how one verification flaw can spread quickly when the same flawed flow is exercised repeatedly through automation.
| Reported Impact | Details |
|---|---|
| Accounts exposed | More than 34,000 Instagram accounts |
| Accounts compromised | About 20,000 |
| Data exposed | Email addresses, phone numbers, dates of birth |
| Other effects | Username changes and temporary loss of control |
High-profile accounts were not spared
The affected accounts were not limited to everyday users. Business accounts, public figures, and organizations linked to government were also said to be among the victims.
Some hijacked profiles were used to post unauthorized content before access was restored by Meta. That widened the consequences beyond privacy and into reputation, public communication, and trust.
Meta’s response stays limited
Meta said it is conducting a broader review to identify and address additional security issues. The company also reportedly notified affected users and regulators.
Still, the immediate shutdown appears narrow. Internal documents cited by The New York Times indicate that Meta only halted an Instagram password recovery experiment directly tied to the incident.
At the same time, the company’s wider push toward AI-based customer support continues. That means the breach has not slowed Meta’s broader AI plans, even as employees discuss how to handle similar incidents in the future.
A warning for the industry
The episode highlights a growing concern across the technology sector: AI tools are being placed into sensitive support roles faster than the safeguards around them are improving.
When a manual support error affects one account, the damage is limited. When the same mistake can be repeated automatically at scale, a single weakness can become a mass takeover path before it is detected.
For Instagram users and the wider industry, the case is a reminder that the biggest risk is not always the AI model itself. Often, the danger comes from the systems built around it, especially when account recovery and identity checks are left open to manipulation.
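The two design points above, a verification layer that cannot be talked into a sensitive change and a rate check that notices when an automated channel starts rewriting many accounts, as an added example that is not Meta's code and does not describe its actual recovery flow. The account model, the HMAC possession-token scheme, the thresholds and the alert strings are all constructed for illustration.

```python
import hashlib
import hmac
from collections import deque
from dataclasses import dataclass

KEY = b"constructed-demo-key"  # placeholder: a real key lives in a KMS/HSM

@dataclass
class Account:
    account_id: str
    recovery_email: str

def possession_token(account: Account, nonce: str) -> str:
    """Proof of control of the CURRENT recovery channel: delivered only to
    the existing recovery email and bound to that address, so nothing said
    in a chat session can stand in for it."""
    msg = f"{account.account_id}:{account.recovery_email}:{nonce}".encode()
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()

def weak_change(account: Account, new_email: str, chat_claims_owner: bool) -> bool:
    """Flawed pattern: the only check is whatever the chat session asserted."""
    if chat_claims_owner:
        account.recovery_email = new_email
        return True
    return False

class RecoveryGate:
    """Hardened pattern: the assistant may only *request* a change; this
    deterministic layer demands proof of possession and caps how fast the
    automated channel may rewrite recovery emails across all accounts."""

    def __init__(self, window: int = 3600, max_changes: int = 3):
        self.window, self.max_changes = window, max_changes
        self.recent = deque()      # timestamps of successful changes
        self.alerts: list = []     # events a SOC would page on

    def change_recovery_email(self, account: Account, new_email: str,
                              nonce: str, token: str, now: float) -> bool:
        if not hmac.compare_digest(possession_token(account, nonce), token):
            self.alerts.append(f"denied-no-possession:{account.account_id}")
            return False
        while self.recent and now - self.recent[0] > self.window:
            self.recent.popleft()  # forget changes outside the window
        if len(self.recent) >= self.max_changes:
            self.alerts.append("rate-anomaly:automated-recovery-channel")
            return False
        account.recovery_email = new_email
        self.recent.append(now)
        return True
```

The rate cap is deliberately global rather than per account: a single manipulated conversation changes one account, but the signal that distinguishes a support bug from a mass takeover is the aggregate count of recovery-email changes the automated path performs in a short window.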
Source: www.androidauthority.com